First CentOS newsletter in 2010

This just in from our newsletter team: With a little delay, issue #1001 of the CentOS Pulse newsletter has been released. In this issue we have a very interesting interview on the usage of CentOS at University College London, a report on FOSDEM 2010 (where nearly all of the main CentOS personnel showed up) and, of course, the usual categories likecommunity, jokes and updates. You can read the newsletter at: More information about the newsletter and how you can contribute is available from: We always welcome comments and suggestions :) Enjoy Reading! The Newsletter Team.

Geschrieben um 23:27

[/centos] [permanent link] [Startseite]

CentOS 5.4

Feeling a bit nervous because there’s nothing new to install? Don’t fret, we just released CentOS 5.4. Release Notes can be found here, while you can find the release here. Have fun.

Geschrieben um 23:48

[/centos] [permanent link] [Startseite]

The CentOS Bible

Fair is fair: After I mentioned the Definitive Guide to CentOS here, I also should mention that the CentOS Bible has been available since around August.

This one doesn’t have my name on the cover, only on the inside, as I was the technical reviewer for this book. The CentOS Bible can be used as a reference book for many things regarding CentOS, while the Definitive Guide to CentOS is more of a solution oriented book. Both are worth having, IMHO, for personal reasons (hey, I wrote some of it) I prefer the Definitive Guide, though.

Geschrieben um 13:37

[/centos] [permanent link] [Startseite]

The definitive guide to CentOS

And now for something good: “The book” is out. It still feels strange to see your own name on the cover of a book, but also very good. More about the book.

Geschrieben um 13:43

[/centos] [permanent link] [Startseite]

An open letter to Lance

As some of you might have noticed during the last weeks or months, the CentOS project wasn’t running as smoothly as it could or should. There was a reason behind that which I couldn’t mention to others when asked. Now that it is in the open, let me share a few of my thoughts. And let us hope that we now can get back to the level of openness and transparency we once had.

But first things first: An open letter to Lance Davis, one of the CentOS Project founders, has been published on the CentOS web site and on the main CentOS mailing list, so you might want to read that before reading further here.

Back? Good. I’ve been following the CentOS project since some time in 2004 and have been an active member of the CentOS team since 2006. Lance has been around for longer, being a founder and all. First time I met Lance was in 2007 at Fosdem in Brussels and then again at LinuxTag in Berlin. Everything seemed fine there. But from then on things seemed to deteriorate.

Lance vanished from the project some time in 2008. Everybody needs time off from projects from time to time, so there was no real need to worry about that. What there was to worry about is the following: Lance is the only one, who can make active changes to the domain, as he “owns it”. Nobody else in the team is able to add nameservers, for instance. Recently he put an anonymizing service on the domain, so that nobody from the outside can see who that domain belongs to.

The third thing - and that is the one which hurts me the most - is that Lance is the one who has access to the Google AdSense and the Paypal accounts, again without a backup. We have asked for overviews of the accounts several times now and haven’t gotten back any answers. This money was donated towards the project and could have been used for professionally made media for fairs and conventions, professionally made advertisement material for the same, hardware, community support (give out media to people who want to show off CentOS) and so on. To make it clear: Nobody in the CentOS team wants to make money off the project, we all have jobs and do CentOS in our free time.

This means that the project depends on one person in too many ways. Add to that a person who doesn’t answer calls, isn’t available as meetings, doesn’t publish things he promised to do - we have a problem. And this is unacceptable. We as a project have to be more transparent. And this is one of the things blocking this.

As Lance hasn’t answered requests regarding that over the last few months, the remaining team now has put a stop on that. For the moment all ads have been removed from website and wiki and we are not accepting any paypal donations anymore.

We still want Lance to be able to answer all of that in a good fashion, so that everything can be corrected. So the step might seem a bit drastic at the moment (but this has been lingering for quite some time now). It might also seem like our reaction has come too late. It might also mean that we will lose the domain. And all the money people have donated towards the project and not to one person. I would like to offer my apologies for that.

But either way, we will continue and get the project back on track. With your help, I hope, as I still think that CentOS is one heck of a cool project to work on.

Other people’s thoughts about this issue: Tim Verhoeven’s Blog, Karanbir Singh’s Blog and Russ Herrold’s Blog. There will also be much discussion in the mailing lists, I guess. Please partake if you want to add your opinion.

Here is the letter:

July 30, 2009 04:39 UTC

This is an Open Letter to Lance Davis from fellow CentOS Developers

It is regrettable that we are forced to send this letter but we are left with no other options. For some time now we have been attempting to resolve these problems:

You seem to have crawled into a hole … and this is not acceptable.

You have long promised a statement of CentOS project funds; to this date this has not appeared.

You hold sole control of the domain with no deputy; this is not proper.

You have, it seems, sole ‘Founders’ rights in the IRC channels with no deputy ; this is not proper.

When I (Russ) try to call the phone numbers for UK Linux, and for you individually, I get a telco intercept ‘Lines are temporarily busy’ for the last two weeks. Finally yesterday, a voicemail in your voice picked up, and I left a message urgently requesting a reply. Karanbir also reports calling and leaving messages without your reply.

Please do not kill CentOS through your fear of shared management of the project.

Clearly the project dies if all the developers walk away.

Please contact me, or any other signer of this letter at once, to arrange for the required information to keep the project alive at the ‘’ domain.


Russ Herrold
Ralph Angenendt
Karanbir Singh
Jim Perrin
Donavan Nelson
Tim Verhoeven
Tru Huynh
Johnny Hughes

Geschrieben um 13:00

[/centos] [permanent link] [Startseite]

Break-In attempt on

Dear Users: on Friday evening, July 3rd (UTC) we found a few suspicious files on the CentOS webserver. Upon investigating we found out that the files had been put there through Xoops (the CMS runs on) - and that this was possible due to a an administrative error which has been corrected.

As far as we can see there has been no data or binary injected into the system or taken from the system. The machine hasn’t been used as a source for sending spam (in the widest possible meaning) either.

We have been able to identify the source of the attacks, but have not been able to find out if the files have been put there through a compromised user account in the Xoops system. Although we are fairly sure that there has been no such compromise, we have enforced a password expiry on all accounts on the system. and - though being on the same machine - have not been affected by this.

All users having an account on need to acquire a new password through the “lost password” system of Xoops.

We are terribly sorry for any inconvenience this might cause you and would like to apologize for that.

Geschrieben um 03:22

[/centos] [permanent link] [Startseite]

Trouble understanding SELinux?

Yes, many people seem to have that, so you are not alone. When first confronted with that rather large and underdocumented framework, it also took me a while to not give up and then a bit more time to understand most of the basics. And with the lack of documentation it doesn’t really get easier.

Looks like someone at Red Hat had the same feeling and funded Murray McAlliser to write The Security-Enhanced Linux User Guide. After skimming over it it looks like it builds up on the SELinux policy which is in Fedora 9 and 10, which is a good step forward from the policy set in CentOS 5 (and let us not talk about CentOS 4). So not everything mentioned in that guide can be used directly on CentOS 5, but the basics are explained somewhat better than in the Deployment Guide.

So if you want to or have to work with SELinux for the first time this guide definitely is worth a read.

I just stumbled over this on Dan Walsh’s SELinux blog and thought I’d share it. This also has a plethora of SELinux knowledge in it.

Geschrieben um 08:58

[/centos] [permanent link] [Startseite]

Froscon 2008

If you are one of the people who are in St. Augustin for Froscon 2008 and if you are reading this blog or, then you are the person who wants to come to the CentOS booth and have a talk with us!

See you all there on Saturday, 23rd of August or Sunday, the 24th of August.

Geschrieben um 23:46

[/centos] [permanent link] [Startseite]

CentOS 5.2 has been released

The CentOS team is pleased to announce the release of CentOS 5.2 - the latest update for the CentOS 5 series.

Major changes in CentOS 5.2 compared to CentOS 5.1 are: Firefox 3, Thunderbird 2, 2.3 and Evolution 2.12 on the Desktop side, Samba 3.0.28, xen-3.2 and an upgraded kernel with lots of driver updates on the server side of the system.

Read the Release Notes, the Release Announcement and get it while it’s hot from a mirror close to you.

Geschrieben um 16:25

[/centos] [permanent link] [Startseite]

Going to Linuxtag

So I’m leaving for Linuxtag tomorrow - and if anyone of you wants to meet up there from Wednesday, 28th of May to Saturday 31st of May - you can find us at the booth 109 in hall 7.2b. See you there!

Geschrieben um 00:35

[/centos] [permanent link] [Startseite]

Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 2.0 Germany License.